Synnr @ Synnr @sopuli.xyz

Posts

1

Comments

282

Joined

2 yr. ago

As a google user, what... what am I doing wrong right?

Using a browser instead of the YouTube app?

Unless you're talking about Google links then yes. Amazon too, along with many other services. There's a ClearURLs Firefox add-on to remove them automatically.

But it's insidious with YouTube because people are much more likely to share YouTube videos on a public forum, and they just randomly started doing it one day.

You know that ?si= at the end of the YouTube URL that is copied when you share a video from within the YouTube app?

That's an individual tracking ID specific to you. So if you've ever shared a YouTube video on lemmy, reddit, Facebook, tiktok, or anywhere else without removing that code one time, anyone at Google with access to the ID system can now link you to that account with your real name, IP address and time accessed, device name, etc.

That... doesn't look like a makeshift crack pipe to smoke DMT?

Maybe Vic and Garfield had more ethnobotany knowledge than the comic let on and they're puffing changa. Maybe that's why Garfield can talk.

These days?

We live in the most peaceful time in human history. We just also live in the most informationally accessable time, so you get a constant stream about new violence and inhumanity happening hundreds or thousands of miles from you.

Join an intentional community and trade your smartphone in for a dumb phone. You'll have some disagreements with people, and once in a while there may be a fight with violence, but by and large this is a peaceful time. You won't have the state threatening violence against you for keeping to yourselves. You won't be taken over by a competing state unless you already lived in an unstable region of the globe.

By and large things are great. The corporatized internet has done a number on the minds of the global population, keeping everyone scared, where now someone letting their 10 year old walk to school in a decent neighborhood is reason enough for multiple calls to the police. Shooting someone for ringing their doorbell. Having family-breaking arguments over people's private lives.

Everyone's afraid and there's largely nothing to fear. Far less than a couple decades ago, yet we're far more terrified of everything, we're the least connected in the ways that matter and the most connected in the ways that ultimately don't matter at all. On the internet, toxicity has become the rule, not the exception. That carries over to real-world interactions.

Grow dope, gain hope, become self suffic-an?

Yup. It's like an actor getting typecast as a tough guy who always kicks ass and never gets his ass kicked, makes tons of money from it, and then everyone complaining about him only ever playing a tough guy.

I'm sure a few names come to mind. But they're rich and stuck in that role because most people subconsciously agreed they should be rich and stuck in that role (by liking those movies and going to see them).

1. Guess my age. :)
2. Guess my age (:
3. guess how old I am 💀 no 🧢

ROTFLMFAO!!!!

Yes you can but for people that are looking to set one up today, not someone that's been running one for 5 years and has basically a whitelisted reputation, it takes a lot to set it up and keep your domain and IP space reputation solid, along with DKIM/SPF/etc records, all the latest stuff like Google's new mandatory unsubscribe header that will keep coming up. Even if a couple people on your hosting provider start spamming, if they're in the same IP space as you, You're going to be getting filtered more heavily for using a "bad neighbor" host. The big corporate/"nonprofit" guys like Spamhaus and Google and Microsoft are basically those controlling corporations for emails, what they say in their spec pretty much goes. They're making it h em oarder for people to set up and run their own email servers, whether that is the outright intended effect for their mandatory changes or not.

Don't get me started on trying to set up a business newsletter account on your new corporate mail server, holy hell, the warm-up itself is pulling hairs. There's a reason companies like MailChimp, Zapier, et al make so much money.

Facebook was all those things in the beginning.

Reddit was all those things in the beginning.

Twitter was all those things in the beginning.

LinkedIn was all those things in the beginning.

The Internet in general was all those things in the beginning.

I've never used IG/TT but I assume they were all those things in the beginning.

Lemmy will probably be said to be most of those things in the beginning.

With age comes wisdom, which comes once you've seen the pattern happen enough times, which can only come with age.

Sincerely,

One of those old people.

You're not wrong. Lokinet and Session are both products from the same parent company. Lokinet was renamed to the Oxen protocol, and they run all the servers AFAIK, so it would be like tor, if tor ran every guard, entry, and exit node. AKA worthless. So you're spot on, it's a joy to the intelligence community and after the Encrochat debacle and Session stopped using Signal's encryption algorithms and code, I would suggest no one use it for anything sensitive.

Session does use the Oxen network which is the renamed Lokinet, unless they made a change I'm wholly unaware of.

The Y2K38 Epochalypse bug hit 2 years early due to Microsoft's rushed implementation of Windows Subsystem for Linux under CEO Elon Musk, causing all newer systems running Windows to combust due to a combination of the bug, and a cyberattack on Musk's new chip fab plant in the state of Mexas. The only widespread choices after that are WacOS and Ubuntrue, both parent companies owned by Elon Musk after winning in his presidential prelection in 2026 and removing all antitrust legislation. However there is a hobbyist Unix distribution still being passed around called Briarch that fixed the 2038 problem in 2025 when development started, but you have to be in close proximity to someone with it to get it, which is easy in the country of California but not as easy east of the Nutah border, you really have to trust someone to even ask if they have it.

I posted this down below in a comment thread but I'm afraid it won't be seen and not enough people know about this.

Session was at first a fork of Signal without usernames.

Now by design it uses their own custom tor-like service (instead of just... using tor) and does not support forward secrecy or deniable authentication, so anyone who collects the messages in transit can either find a vulnerability in the encryption scheme, or spend enough GPU resources to crack it, and they have confirmation of who sent and received the message and what the contents of the message are. And is headquartered in Australia, which is 5EYES and much more against encryption than the US. Oh, and the server is closed-source.

Regarding Australia's 2018 bill...

The Australian Parliament passed a contentious encryption bill on Thursday to require technology companies to provide law enforcement and security agencies with access to encrypted communications. Privacy advocates, technology companies and other businesses had strongly opposed the bill, but Prime Minister Scott Morrison’s government said it was needed to thwart criminals and terrorists who use encrypted messaging programs to communicate.

Regarding the 'vulnerability or cracking them later' bit...

Messages that are sent to you are actually sent to your swarm. The messages are temporarily stored on multiple Service Nodes within the swarm to provide redundancy. Once your device picks up the messages from the swarm, they are automatically deleted from the Service Nodes that were temporarily storing them.

From Session's own FAQ:

Session clients do not act as nodes on the network, and do not relay or store messages for the network. Session’s network architecture is closer to a client-server model, where the Session application acts as the client and the Service Node swarm acts as the server. Session’s client-server architecture allows for easier asynchronous messaging (messaging when one party is offline) and onion routing-based IP address obfuscation, relative to peer-to-peer network architectures.

I wouldn't touch it with a 12ft ladder.

Session was at first a fork of Signal without usernames.

Now by design it uses their own custom tor-like service (instead of just... using tor) and does not support forward secrecy or deniable authentication, so anyone who collects the messages in transit can either find a vulnerability in the encryption scheme, or spend enough GPU resources to crack it, and they have confirmation of who sent and received the message and what the contents of the message are. And is headquartered in Australia, which is 5EYES and much more against encryption than the US. Oh, and the server is closed-source.

Regarding Australia's 2018 bill...

The Australian Parliament passed a contentious encryption bill on Thursday to require technology companies to provide law enforcement and security agencies with access to encrypted communications. Privacy advocates, technology companies and other businesses had strongly opposed the bill, but Prime Minister Scott Morrison’s government said it was needed to thwart criminals and terrorists who use encrypted messaging programs to communicate.

Regarding the 'vulnerability or cracking them later' bit...

Messages that are sent to you are actually sent to your swarm. The messages are temporarily stored on multiple Service Nodes within the swarm to provide redundancy. Once your device picks up the messages from the swarm, they are automatically deleted from the Service Nodes that were temporarily storing them.

From Session's own FAQ:

Session clients do not act as nodes on the network, and do not relay or store messages for the network. Session’s network architecture is closer to a client-server model, where the Session application acts as the client and the Service Node swarm acts as the server. Session’s client-server architecture allows for easier asynchronous messaging (messaging when one party is offline) and onion routing-based IP address obfuscation, relative to peer-to-peer network architectures.

I wouldn't touch it with a 12ft ladder.

I automatically read it as private key, good catch

I didn't agree with their decision at all at the time, but now that I realize they made it a little while after it gained widespread adoption and people stopped using it because "Signal isn't actually secure!" ... seems like people were expecting a secure messenger to be, well, secure. So they would chat about anything and everything thinking "I am using a secure messenger, these messages can't be read..." and tech ignorance is a dangerous thing if you're trying to be secure. I would've preferred a colored window and un-closable message for SMS chats, but oh well. I like that they've introduced usernames so you don't have to give out your real number.

What is this, an election for blobfish?

Year of the Linux Desktop! 1999-2035!